diff --git a/files/__main__.py b/files/__main__.py index d7b33b9ca..1e18804af 100644 --- a/files/__main__.py +++ b/files/__main__.py @@ -28,7 +28,7 @@ app.jinja_env.cache = {} app.jinja_env.auto_reload = True faulthandler.enable() -if bool_from_string(environ.get("ENFORCE_PRODUCTION", True)) and app.config["DEBUG"]: +if bool_from_string(environ.get("ENFORCE_PRODUCTION", True)) and app.debug: raise ValueError("Debug mode is not allowed! If this is a dev environment, please set ENFORCE_PRODUCTION to false") if environ.get("SITE_ID") is None: @@ -176,6 +176,7 @@ def before_request(): return 'Please use a "User-Agent" header!', 403 ua = g.agent.lower() + g.debug = app.debug g.webview = ('; wv) ' in ua) g.inferior_browser = ( 'iphone' in ua or diff --git a/files/helpers/const.py b/files/helpers/const.py index 00415b073..c1369285e 100644 --- a/files/helpers/const.py +++ b/files/helpers/const.py @@ -76,6 +76,10 @@ VIDEO_FORMATS = ['mp4','webm','mov','avi','mkv','flv','m4v','3gp'] AUDIO_FORMATS = ['mp3','wav','ogg','aac','m4a','flac'] NO_TITLE_EXTENSIONS = IMAGE_FORMATS + VIDEO_FORMATS + AUDIO_FORMATS +PERMS = { + "DEBUG_LOGIN_TO_OTHERS": 3, +} + AWARDS = { "lootbox": { "kind": "lootbox", diff --git a/files/helpers/jinja2.py b/files/helpers/jinja2.py index 90702f09c..e1b61051c 100644 --- a/files/helpers/jinja2.py +++ b/files/helpers/jinja2.py @@ -65,6 +65,7 @@ def inject_constants(): "DEFAULT_COLOR":DEFAULT_COLOR, "COLORS":COLORS, "THEMES":THEMES, + "PERMS":PERMS, } def template_function(func): diff --git a/files/routes/__init__.py b/files/routes/__init__.py index f6379d6bb..3af165546 100644 --- a/files/routes/__init__.py +++ b/files/routes/__init__.py @@ -1,3 +1,5 @@ +from files.__main__ import app + from .admin import * from .comments import * from .errors import * @@ -15,4 +17,6 @@ from .feeds import * from .awards import * from .giphy import * from .volunteer import * +if app.debug: + from .dev import * # from .subs import * diff --git a/files/routes/dev.py b/files/routes/dev.py new file mode 100644 index 000000000..eeeee4451 --- /dev/null +++ b/files/routes/dev.py @@ -0,0 +1,20 @@ +from secrets import token_hex +from flask import session, redirect, request + +from files.helpers.const import PERMS +from files.helpers.get import get_user +from files.helpers.wrappers import admin_level_required +from files.__main__ import app + +if not app.debug: + raise ImportError("Importing dev routes is not allowed outside of debug mode!") + +@app.post('/dev/sessions/') +@admin_level_required(PERMS['DEBUG_LOGIN_TO_OTHERS']) +def login_to_other_account(v): + u = get_user(request.values.get('username')) + session.permanent = True + session["lo_user"] = u.id + session["login_nonce"] = u.login_nonce + session["session_id"] = token_hex(49) + return redirect('/') diff --git a/files/templates/admin/admin_home.html b/files/templates/admin/admin_home.html index 4639be72a..46957bcd0 100644 --- a/files/templates/admin/admin_home.html +++ b/files/templates/admin/admin_home.html @@ -59,7 +59,7 @@
  • Daily Stat Chart
    • -{% if v.admin_level > 2 %} +{% if v.admin_level >= 3 %} 
    
 	
    
 		
@@ -106,5 +106,20 @@
 	
 	
 {% endif %}
-
+{% if g.debug %}
+
    
+	
    Debug Options
    
+	{% if v.admin_level >= PERMS["DEBUG_LOGIN_TO_OTHERS"] %}
+	
+	{% endif %}
+
    
+{% endif %}
 {% endblock %}